require 'digest/sha1'

class User < ActiveRecord::Base
  validates_presence_of :firstname, :role_id, :email
  validates_uniqueness_of :email

  attr_accessor :password_confirmation
  validates_confirmation_of :password

  validate :password_non_blank
  
  has_many :actualities
  belongs_to :role
  has_one  :patient
  has_many :tasks

  attr_accessor :password
  
  def after_destroy
    if User.count.zero?
      raise "Impossible de supprimer le dernier user"
    end
  end
  
  def password
    @password
  end
  
  def password=(pwd)
    @password = pwd
    return if pwd.blank?
    create_new_salt
    self.hashed_password = User.encrypted_password(self.password, self.salt)
  end
  
  def self.authenticate(email, password)
    user = self.find_by_email(email)
    if user
      expected_password = encrypted_password(password, user.salt)
      if user.hashed_password != expected_password
        user = nil
      end
    end
    user
  end

  private
    def password_non_blank
      errors.add_to_base "Mot de passe manquant" if hashed_password.blank?
    end

    def self.encrypted_password(password, salt)
      string_to_hash = password + "coucou" + salt
      Digest::SHA1.hexdigest(string_to_hash)
    end

    def create_new_salt
      self.salt = self.object_id.to_s + rand.to_s
    end
end
